Changing the behavior of the middlewares to proceed with the pipeline

Author: tsutomi

src/Deveel.Webhooks.Receiver.AspNetCore/Deveel.Webhooks.Receiver.AspNetCore.csproj

@@ -24,6 +24,7 @@
 	<ItemGroup>
 		<PackageReference Include="Microsoft.AspNetCore.Http.Abstractions" Version="2.2.0" />
 		<PackageReference Include="Microsoft.Extensions.DependencyInjection.Abstractions" Version="6.0.0" />
+		<PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="6.0.0" />
 		<PackageReference Include="Microsoft.Extensions.Options.ConfigurationExtensions" Version="6.0.0" />
 	</ItemGroup>
 

src/Deveel.Webhooks.Receiver.AspNetCore/Deveel.Webhooks.Receiver.AspNetCore.xml

@@ -0,0 +1,11 @@
+using System;
+
+using Microsoft.Extensions.Logging;
+
+namespace Deveel.Webhooks {
+    static partial class LoggerExtensions {
+        [LoggerMessage(EventId = -20222, Level = LogLevel.Warning,
+            Message = "It was not possible to resolve any webhook receiver for the type '{WebhookType}'")]
+        public static partial void WarnReceiverNotRegistered(this ILogger logger, Type webhookType);
+    }
+}

src/Deveel.Webhooks.Receiver.AspNetCore/Webhooks/LoggerExtensions.cs

@@ -14,6 +14,9 @@
 
 using Microsoft.AspNetCore.Http;
 using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Logging.Abstractions;
+using Microsoft.Extensions.Options;
 
 namespace Deveel.Webhooks {
     class WebhookDelegatedReceiverMiddleware<TWebhook> where TWebhook : class {
@@ -33,34 +36,65 @@ public WebhookDelegatedReceiverMiddleware(RequestDelegate next,
 			syncHandler = handler;
 		}
 
+		private WebhookReceiverOptions GetOptions(HttpContext context) {
+			var snapshot = context?.RequestServices?.GetService<IOptionsSnapshot<WebhookReceiverOptions>>();
+			return snapshot?.GetReceiverOptions<TWebhook>() ?? new WebhookReceiverOptions();
+		}
+
+		private ILogger GetLogger(HttpContext context) {
+			var loggerFactory = context?.RequestServices?.GetService<ILoggerFactory>();
+            return loggerFactory?.CreateLogger<WebhookDelegatedReceiverMiddleware<TWebhook>>() ?? 
+				NullLogger<WebhookDelegatedReceiverMiddleware<TWebhook>>.Instance;
+		}
+
 
 		public async Task InvokeAsync(HttpContext context) {
-			try {
+            var options = GetOptions(context);
+			var logger = GetLogger(context);
+
+            try {
 				var receiver = context.RequestServices.GetService<IWebhookReceiver<TWebhook>>();
-				if (receiver == null) {
-					await next(context);
+				
+				WebhookReceiveResult<TWebhook>? result = null;
+
+				if (receiver != null) {
+					result = await receiver.ReceiveAsync(context.Request, context.RequestAborted);
+
+					if (result != null && result.Value.Successful && result.Value.Webhook != null) {
+						if (asyncHandler != null) {
+							await asyncHandler(context, result.Value.Webhook, context.RequestAborted);
+						} else if (syncHandler != null) {
+							syncHandler(context, result.Value.Webhook);
+						}
+					}
 				} else {
-					var result = await receiver.ReceiveAsync(context.Request, context.RequestAborted);
-
-					if (result.SignatureValid != null && !result.SignatureValid.Value) {
-						// TODO: get this from the configuration
-						context.Response.StatusCode = 400;
-					} else if (result.Webhook == null) {
-						context.Response.StatusCode = 400;
-					} else if (asyncHandler != null) {
-						await asyncHandler(context, result.Webhook, context.RequestAborted);
-					} else if (syncHandler != null) {
-						syncHandler(context, result.Webhook);
-					} else {
-						await next(context);
+					logger.WarnReceiverNotRegistered(typeof(TWebhook));
+				}
+
+				await next.Invoke(context);
+
+				if (!context.Response.HasStarted && result != null) {
+					if ((result?.SignatureValidated ?? false) && !(result?.SignatureValid ?? false)) {
+						context.Response.StatusCode = options?.InvalidStatusCode ?? 400;
+					} else if ((result?.Successful ?? false)) {
+						context.Response.StatusCode = options?.ResponseStatusCode ?? 204;
 					}
+
+					// TODO: should we emit anything here?
+					await context.Response.WriteAsync("");
 				}
-			} catch (Exception ex) {
+			} catch (WebhookReceiverException ex) {
 				// TODO: log this error ...
 
-				context.Response.StatusCode = 500;
+				if (!context.Response.HasStarted) {
+					context.Response.StatusCode = options?.ErrorStatusCode ?? 500;
+					await context.Response.WriteAsync("");
+				}
+
 				// TODO: should we emit anything here?
 			}
+
+
 		}
 	}
-}
+}

src/Deveel.Webhooks.Receiver.AspNetCore/Webhooks/WebhookDelegatedReceiverMiddleware.cs

@@ -61,5 +61,15 @@ public WebhookReceiveResult(TWebhook? webhook, bool? signatureValid) : this() {
 		/// </param>
 		public static implicit operator WebhookReceiveResult<TWebhook>(TWebhook? webhook)
 			=> new WebhookReceiveResult<TWebhook>(webhook, null);
+
+		/// <summary>
+		/// Gets whether the signature of the webhook was validated.
+		/// </summary>
+		public bool SignatureValidated => SignatureValid.HasValue;
+
+		/// <summary>
+		/// Gets whether the webhook was successfully received.
+		/// </summary>
+		public bool Successful => Webhook != null && (!SignatureValidated || SignatureValid == true);
 	}
 }

src/Deveel.Webhooks.Receiver.AspNetCore/Webhooks/WebhookReceiveResult.cs

@@ -13,39 +13,71 @@
 // limitations under the License.
 
 using Microsoft.AspNetCore.Http;
+using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Logging.Abstractions;
+using Microsoft.Extensions.Options;
 
 namespace Deveel.Webhooks {
-    class WebhookReceiverMiddleware<TWebhook> : IMiddleware where TWebhook : class {
-		private readonly IEnumerable<IWebhookHandler<TWebhook>> handlers;
+	class WebhookReceiverMiddleware<TWebhook> : IMiddleware where TWebhook : class {
+		private readonly IEnumerable<IWebhookHandler<TWebhook>>? handlers;
 		private readonly IWebhookReceiver<TWebhook> receiver;
+		private readonly WebhookReceiverOptions options;
+		private readonly ILogger logger;
 
-		public WebhookReceiverMiddleware(IWebhookReceiver<TWebhook> receiver, IEnumerable<IWebhookHandler<TWebhook>> handlers) {
+		public WebhookReceiverMiddleware(
+			IOptionsSnapshot<WebhookReceiverOptions> options,
+			IWebhookReceiver<TWebhook> receiver,
+			IEnumerable<IWebhookHandler<TWebhook>>? handlers = null,
+			ILogger<WebhookReceiverMiddleware<TWebhook>>? logger = null) {
+			this.options = options.GetReceiverOptions<TWebhook>();
 			this.receiver = receiver;
 			this.handlers = handlers;
+			this.logger = logger ?? NullLogger<WebhookReceiverMiddleware<TWebhook>>.Instance;
 		}
 
+		private int SuccessStatusCode => options.ResponseStatusCode ?? 200;
+
+		private int FailureStatusCode => options.ErrorStatusCode ?? 500;
+
+		private int InvalidStatusCode => options.InvalidStatusCode ?? 400;
+
 		public async Task InvokeAsync(HttpContext context, RequestDelegate next) {
 			try {
 				var result = await receiver.ReceiveAsync(context.Request, context.RequestAborted);
 
-				if (result.SignatureValid != null && !result.SignatureValid.Value) {
-					// TODO: get this from the configuration
-					context.Response.StatusCode = 400;
-				} else if (result.Webhook == null) {
-					context.Response.StatusCode = 400;
-				} else if (handlers != null) {
+				if (handlers != null && result.Successful && result.Webhook != null) {
 					foreach (var handler in handlers) {
 						await handler.HandleAsync(result.Webhook, context.RequestAborted);
 					}
-				} else {
-					await next(context);
 				}
-			} catch (Exception ex) {
+
+				await next.Invoke(context);
+
+				if (!context.Response.HasStarted) {
+					if (result.Successful) {
+                        context.Response.StatusCode = SuccessStatusCode;
+                    } else if (result.SignatureValidated && !result.SignatureValid.Value) {
+						context.Response.StatusCode = InvalidStatusCode;
+					} else {
+						context.Response.StatusCode = FailureStatusCode;
+					}
+
+					// TODO: should we emit anything here?
+                    await context.Response.WriteAsync("");
+				}
+			} catch (WebhookReceiverException ex) {
 				// TODO: log this error ...
 
-				context.Response.StatusCode = 500;
+				if (!context.Response.HasStarted) {
+					context.Response.StatusCode = FailureStatusCode;
+
+					// TODO: should we emit anything here?
+					await context.Response.WriteAsync("");
+				}
+
 				// TODO: should we emit anything here?
 			}
+
 		}
 	}
 }

src/Deveel.Webhooks.Receiver.AspNetCore/Webhooks/WebhookReceiverMiddleware.cs

@@ -28,13 +28,13 @@ public class WebhookReceiverOptions {
 		/// <summary>
 		/// Gets or sets the options for the signature verification.
 		/// </summary>
-		public WebhookSignatureOptions Signature { get; set; } = new WebhookSignatureOptions();
+		public WebhookSignatureOptions? Signature { get; set; } = new WebhookSignatureOptions();
 
 		/// <summary>
 		/// Gets or sets the HTTP status code to return when the webhook
 		/// processing is successful (<c>201</c> by default).
 		/// </summary>
-		public int? ResponseStatusCode { get; set; } = 201;
+		public int? ResponseStatusCode { get; set; } = 204;
 
 		/// <summary>
 		/// Gets or sets the HTTP status code to return when the webhook
@@ -47,5 +47,11 @@ public class WebhookReceiverOptions {
 		/// from the sender is invalid (<c>400</c> by default).
 		/// </summary>
 		public int? InvalidStatusCode { get; set; } = 400;
+
+		/// <summary>
+		/// Gets or sets the options for the verification of the webhook
+		/// requests by the sender.
+		/// </summary>
+		public WebhookVerificationOptions? Verification { get; set; } = new WebhookVerificationOptions();
 	}
 }

src/Deveel.Webhooks.Receiver.AspNetCore/Webhooks/WebhookReceiverOptions.cs

@@ -16,9 +16,49 @@
 using System.Threading.Tasks;
 
 using Microsoft.AspNetCore.Http;
+using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Logging.Abstractions;
+using Microsoft.Extensions.Options;
 
 namespace Deveel.Webhooks {
 	class WebhookRequestVerfierMiddleware<TWebhook> : IMiddleware where TWebhook : class {
-		public Task InvokeAsync(HttpContext context, RequestDelegate next) => throw new NotImplementedException();
+        private readonly WebhookReceiverOptions options;
+		private readonly IWebhookRequestVerifier<TWebhook>? requestVerifier;
+        private readonly ILogger logger;
+
+        public WebhookRequestVerfierMiddleware(
+            IOptionsSnapshot<WebhookReceiverOptions> options,
+            IWebhookRequestVerifier<TWebhook>? requestVerifier = null, 
+            ILogger<WebhookRequestVerfierMiddleware<TWebhook>>? logger = null) {
+            this.options = options.GetReceiverOptions<TWebhook>();
+            this.requestVerifier = requestVerifier;
+            this.logger = logger ?? NullLogger<WebhookRequestVerfierMiddleware<TWebhook>>.Instance;
+        }
+
+        public async Task InvokeAsync(HttpContext context, RequestDelegate next) {
+            try {
+                WebhookVerificationResult? result = null;
+
+                if (requestVerifier != null) {
+                    result = await requestVerifier.VerifyRequestAsync(context.Request, context.RequestAborted);
+                }
+
+                await next.Invoke(context);
+
+                if (result != null && !context.Response.HasStarted) {
+                    if (result?.IsVerified ?? false) {
+
+                    } else {
+
+                    }
+                }
+            } catch (WebhookReceiverException ex) {
+                if (!context.Response.HasStarted) {
+                    
+                }
+            }
+
+
+        }
 	}
 }

src/Deveel.Webhooks.Receiver.AspNetCore/Webhooks/WebhookRequestVerfierMiddleware.cs

@@ -0,0 +1,27 @@
+using System;
+
+namespace Deveel.Webhooks {
+    /// <summary>
+    /// Provides a set of options to configure the behavior of the
+    /// verification process of a webhook request.
+    /// </summary>
+    public class WebhookVerificationOptions {
+        /// <summary>
+        /// Gets or sets the HTTP status code to return when the request
+        /// is authorized (<c>200</c> by default).
+        /// </summary>
+        public int? SuccessStatusCode { get; set; } = 200;
+
+        /// <summary>
+        /// Gets or sets the HTTP status code to return when the request
+        /// fails due to an internal error (<c>500</c> by default).
+        /// </summary>
+        public int? FailureStatusCode { get; set; } = 500;
+
+        /// <summary>
+        /// Gets or sets the HTTP status code to return when the request
+        /// is not authorized (<c>403</c> by default).
+        /// </summary>
+        public int? NotAuthorizedStatusCode { get; set; } = 403;
+    }
+}

src/Deveel.Webhooks.Receiver.AspNetCore/Webhooks/WebhookVerificationOptions.cs

@@ -11,7 +11,7 @@ public static void Main(string[] args) {
 			builder.Services.AddLogging();
 
 			// Add services to the container.
-			builder.Services.AddAuthorization();
+			// builder.Services.AddAuthorization();
 			builder.Services
 				.AddWebhooks<TestWebhook>()
 				.UseNewtonsoftJsonParser()
@@ -32,11 +32,13 @@ public static void Main(string[] args) {
 
 			var app = builder.Build();
 
-			// Configure the HTTP request pipeline.
+            // app.UseDeveloperExceptionPage();
 
-			app.UseHttpsRedirection();
+            // Configure the HTTP request pipeline.
 
-			app.UseAuthorization();
+            // app.UseHttpsRedirection();
+
+			// app.UseAuthorization();
 
 			app.UseWebhookReceiver<TestWebhook>("/webhook");
 			app.UseWebhookReceiver<TestWebhook>("/webhook/handled", (context, webhook) => {